1. Technical Field
This invention relates to computers and, more particularly, to a device for limiting the addition and removal of data from a computer using an external data drive.
2. Background
Businesses often store sensitive data, such as customer and pricing lists, marketing plans, new product specifications, etc., in the internal storage media of computers. Internal storage media includes hard drives located locally such as within the computer housing or remotely connected by a server. These computers are often readily accessible by one or more employees both during and after business hours. A significant problem exists due to employees who steal or otherwise misuse the sensitive information stored on the computers. Part of the problem is that the sensitive information can be readily transferred from the computers to floppy disks, tapes or other portable storage media using an external drive connected to the computer. Employers are hesitant to remove the external drives especially when information must be added and removed from the computer using portable storage media during the normal course of business.
Employees also tend to bring computer software, such as games, to work and to install the computer software on the work computer using the external data drives. When the employee is not being watched, the employee plays the games during business hours instead of working. As can be appreciated, the effects of reduced productivity can be significant. Once the employee's software is loaded onto the computer, it is difficult to catch the employee playing the games without regularly monitoring the employee. Most computer games can be switched off quickly and/or include a screen which resembles a spreadsheet to fool the employer. Therefore, the employer is faced with either allowing the employee to play the games or paying for another employee to regularly monitor other employees. Both options are costly.
Another problem may occur when employees load computer software onto the computer. The employee's computer program or computer disk is sometimes corrupted by a virus which is inadvertently transferred to the work computer when the employee loads the computer software using the external data drive. Viruses destroy important files stored on the work computer and cause additional productivity losses. Disgruntled employees may purposely load a virus into the work computer after being fired.
Conventional access restriction devices prevent the use of the computer entirely by disabling the keyboard, hard drive, etc. When in a disabled mode, conventional access restriction devices prevent a complete bootup which in turn prevents the use of the computer. Manual data entry and other tasks (which do not require the addition and/or removal of information using the external data drives) cannot be performed.
Software based access control systems for controlling access to external data drives can easily be circumvented through the use of self-booting disks. Password-based access control systems are subject to security lapses such as inadvertent or purposeful disclosure of the passwords.
Therefore, a device which addresses the above-noted problems and which allows an employer or supervisor to control the addition and removal of data using external data drives without affecting the use of the computers in other modes is desirable.